In a statement FBI Director Chris Wray has asked US companies and other victims of hacking to not pay ransom since it will only embolden and incentivize them for future attacks.
“In general, we would discourage paying the ransom because it encourages more of these attacks, and frankly, there is no guarantee whatsoever that you are going to get your data back,” Wray testified before a U.S. Senate appropriations panel.
Earlier the Justice Department managed to recover around $2.4 million in cryptocurrency that was paid as ransom to the hackers of the Colonial Pipeline Co; the attack had led to a widespread shortage of fuel at gas stations on the East Coast. The FBI was able to recover a portion of the funds since it had private key that it was able to use to unlock a bitcoin wallet holding most of the money. The FBI has not publicly disclosed how it managed to access the private key.
While Bitcoin seizures by the federal government is quite uncommon, authorities are gaining more expertise in tracking the flow of digital money.
In his testimony, Wray said the FBI is seeing increasingly sophisticated types of ransomware attacks and that hackers are demanding larger sums of money.
“We’ve seen the total volume of the money paid I think triple over the last year or so,” said Wray while adding, “companies and municipal governments, and other victims of ransomware attacks should consider going to the FBI as soon as possible”.
“When they do, there’s all kinds of things that we can do,” said Wray.
“Sometimes through other work we’ve done, we might have the decryption key and be able to help the company unlock their data without having to pay the ransom”.